From: Star Zeng <star.zeng@intel.com>
Date: Tue, 19 May 2015 01:33:25 +0000 (+0000)
Subject: SecurityPkg Variable: Prevent BS variable update in legacy OS runtime.
X-Git-Tag: edk2-stable201903~9788
X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=c7b897519e710487e82e08e37516a7cf73647c69

SecurityPkg Variable: Prevent BS variable update in legacy OS runtime.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17468 6f19259b-4bc3-4df7-8a09-765794883524
---

diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c
index be5c935a88..e87e12fc99 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -1019,6 +1019,7 @@ VariableSmmRuntimeInitialize (
   VOID                                      *SmmVariableWriteRegistration;
   EFI_EVENT                                 OnReadyToBootEvent;
   EFI_EVENT                                 ExitBootServiceEvent;
+  EFI_EVENT                                 LegacyBootEvent;
 
   EfiInitializeLock (&mVariableServicesLock, TPL_NOTIFY);
 
@@ -1086,6 +1087,17 @@ VariableSmmRuntimeInitialize (
          &ExitBootServiceEvent
          ); 
 
+  //
+  // Register the event to inform SMM variable that it is at runtime for legacy boot.
+  // Reuse OnExitBootServices() here.
+  //
+  EfiCreateEventLegacyBootEx(
+    TPL_NOTIFY,
+    OnExitBootServices,
+    NULL,
+    &LegacyBootEvent
+    );
+
   //
   // Register the event to convert the pointer for runtime.
   //